Magazine article Security Management

Minding the Network

Magazine article Security Management

Minding the Network

Article excerpt

Just over a year ago, systems managers at telecommunications giant Sprint, Inc., began a project to manage all of the company's UNIX-based systems and to fortify one of its private networks. The network gives senior management access to proprietary information and also creates links with vendors and other affiliates.

The company had experienced no serious break-ins, attacks, or information theft. But managers recognized that the explosive growth of the Internet and the increasing savviness of computer users could at some point pose a threat to the company's information safety, says Matt Walton, network systems management analyst at Sprint's Lenexa, Kansas, site.

The company had already noticed a problem with lax security. For example, one employee discovered that a software application allowed access without requiring a password and proceeded to poke around. Although causing no harm, the incident made system administrators realize that access control was inadequate.

To manage the systems on that network, Walton and others knew an array of products would be needed. The company wanted to monitor the network for access violations, detect unauthorized activity, and be able to respond to any problem as it happened so that the least amount of damage was done.

"We would find out about an incident the next day or a couple days [later]," says Walton, "but meanwhile our systems [were] going bonkers on us."

Systems managers also wanted a solution that would allow for controlling security across all the company's various computer platforms, including UNIX and HP. In addition, the company wanted software that could generate trend reports and that could help management track whether all computer security policies were being followed.

The project, begun in late 1996, led to the January 1997 purchase of three software packages in the OmniGuard suite of network protection products from Rockville, Maryland-based AXENT Technologies, Inc. Walton says that the company chose OmniGuard's Intruder Alert, UNIX Resource Manager, and Enterprise Security Manager because of their multiple features and flexibility.

Intruder Alert (ITA) is a software and hardware combination that monitors the network twenty-four hours a day, seven days a week. It consists of a central computer, from which monitoring is reviewed by Sprint personnel, and a manager "brain" unit, which controls and distributes information for everything connected to the network, including all the servers, firewalls, and routers.

Sprint personnel programmed the system to detect violations of designated usage rules and policies. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.